There are numerous instances where periodic or on-demand audit checks on configurations can ensure consistency and security in the infrastructure. The following use case illustrates how an audit check for Virtual Port-Channel (vPC) configuration can be performed; the same methodology can be extended to check ACLs, QoS, and many other use cases.

vPC, or Virtual Port Channel, is a technology created by Cisco which allows physical links connected to two separate sets of switches to appear as a single port channel to the end devices. The end devices could be any network device such as servers, routers, firewalls, etc. The advantage of vPC is that it provides redundancy to the devices while increasing bandwidth.

vPC configuration can in some cases be tedious and error-prone because:

  • vPC requires several steps to configure
  • vPC configuration steps must follow a specific order
  • Certain vPC configuration elements must be identical on both switches

Sample Topology used by the vPC Consistency Handling Script

Operators can benefit from an automated mechanism that helps validate the consistency of vPC configurations.
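
One way such a check could look, as an added sketch rather than the script this page refers to: it parses the vPC-related stanzas from each peer's configuration text and reports settings that differ. The two config excerpts are constructed, and the list of settings that must match is an assumed, illustrative subset.

```python
import re

# Constructed NX-OS-style config excerpt for peer A (not from a real device).
PEER_A = """\
vpc domain 10
  peer-keepalive destination 10.0.0.2 source 10.0.0.1
interface port-channel1
  switchport mode trunk
  vpc peer-link
interface port-channel20
  switchport mode trunk
  switchport trunk allowed vlan 10,20
  mtu 9216
  vpc 20
"""
# Peer B: keepalive addresses are legitimately mirrored; allowed VLANs have drifted.
PEER_B = (PEER_A.replace("10.0.0.2 source 10.0.0.1", "10.0.0.1 source 10.0.0.2")
                .replace("allowed vlan 10,20", "allowed vlan 10,30"))

# Settings this sketch requires to be identical on both peers (assumed subset).
MUST_MATCH = ("switchport mode", "switchport trunk allowed vlan", "mtu")

def parse_vpc(config):
    """Return {'domain': id, 'vpcs': {vpc id: {setting: value}}} for one peer."""
    m = re.search(r"^vpc domain (\d+)", config, re.M)
    out, stanzas = {"domain": m.group(1) if m else None, "vpcs": {}}, []
    for line in config.splitlines():
        if line[:1].strip():                     # unindented: new top-level stanza
            stanzas.append([])
        elif line.strip() and stanzas:           # indented: belongs to current stanza
            stanzas[-1].append(line.strip())
    for body in stanzas:
        ids = [l.split()[1] for l in body if re.fullmatch(r"vpc (\d+|peer-link)", l)]
        if ids:                                  # stanza is a vPC member or the peer-link
            out["vpcs"][ids[0]] = {k: l[len(k):].strip() for l in body
                                   for k in MUST_MATCH if l.startswith(k + " ")}
    return out

def audit(cfg_a, cfg_b):
    """Return a list of mismatches between the two peers' vPC settings."""
    a, b = parse_vpc(cfg_a), parse_vpc(cfg_b)
    findings = [f"vpc domain: {a['domain']} != {b['domain']}"] if a["domain"] != b["domain"] else []
    for vpc_id in sorted(set(a["vpcs"]) | set(b["vpcs"])):
        pa, pb = a["vpcs"].get(vpc_id), b["vpcs"].get(vpc_id)
        if pa is None or pb is None:
            findings.append(f"vpc {vpc_id}: configured on only one peer")
        else:
            findings += [f"vpc {vpc_id}: {k}: {pa.get(k)} != {pb.get(k)}"
                         for k in MUST_MATCH if pa.get(k) != pb.get(k)]
    return findings
```

Calling `audit(PEER_A, PEER_B)` flags only the allowed-VLAN drift on vPC 20; the mirrored peer-keepalive addresses are not compared because they are expected to differ between peers.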